Search This Blog

Asus Chromebook C201

One of the many things that I paid attention to as I walked the halls of Defcon nearly a month ago was the devices people used for the capture-the-flag (CTF) events. During my first walk around the contest area I noticed many people sat against walls or such with macbooks. On later passes I started taking note of the devices that other people were using and a common one was the Asus C201 chromebook.

Chromebooks are basically low-spec linux laptops designed around the use of Google Chrome. Though like many linux devices once you gain access to a terminal you often have free reign to alter the system and gain access to powerful command line tools.

About a week and a half ago I picked up an Asus C201 for about $250 CAD. I will talk about what my typical use case is, what I wanted out of the C201, what my experience was, and a walk-through of how I set mine up to meet my use case.

UPDATE:SarahJamieLewis wrote a thread on twitter adding her 2.5 years of experience to this set-up. You can read the thread here.

Requirements

The first thing someone should consider when they are looking to buy a new device is what their day-to-day use case is. The majority of my time is spent in my web browser on social media or streaming video content. However, when it comes to school use, I spend a lot of time either on the command line in Windows or in various Microsoft Office programs. With that in mind I came up with a list of requirements for a potential daily driver:

Must last a school day (6 to 8 hours) between charges

Must be light enough to carry comfortably all day

Must not experience slow-down during heavy web browsing

Must have access to common command line networking tools

Access to Microsoft Office applications (or equivalents)

Access to Microsoft OneDrive

Capable of running Kali from removable storage

Results

Having done some research I was fully prepared to carry the C201 around for most things, but keep my Surface 3 with me at school to cover for some of the things that ChromeOS would be missing. There was no way to be absolutely sure until I got my hands on the C201 and put some time onto it.

Typical charge lasts 12-14 hours, unless under heavy load in which it will run for about 6 hours.

Slightly larger than my Surface 3, requiring a larger bag. However it is roughly the same weight.

While using tweetdeck, many active tabs, and streaming high bitrate videos, I experienced no slowdown

Access to a full suite of linux command line tools, with the ability to get many more

There are a lot of things I love about the device, but there are some things I miss. I do not have access to Microsoft Office, OneNote, or Onedrive without using them in the browser. This prevents me from accessing a lot of files offline, as well as leaving me wanting for a note taking options. Since I have gained access to a full desktop environment on the device, I should be able to find equivalents.

The C201 has about 10GB of on-device storage available, having a total of 16GB eMMC storage built in. I plan on getting a 64GB microSD card to expand my options somewhat. The lack of storage hasn't bothered me since I travel as light as possible in general. I have many portable storage options with me for when I need to transport or access large files offline.

Originally I attempted to compile and install Kali linux on a USB drive, but I've since realized that I don't have to with the number of tools available through the command line. Instead I used Crouton to create a chroot environment. My understanding of the technical aspects of a chroot is that it creates a second root directory complete with its own binaries and symbolic links to device mounts, so for all intents and purposes it is a completely separate environment running on the same hardware as another linux environment.

My crouton instance is currently running Ubuntu (xenial) with Xfce as a desktop environment. For the most part I use ChromeOS's terminal to access the chroot solely for the command line. When I need desktop applications from linux (that have been compiled for ARM) then I will get more comfortable with switching into that desktop environment and using them.

Additional Notes

I am going to point form some of my experiences with the device, neither hugely negative or positive.

The Asus C201 uses an ARM processor rather than an Intel one, so the selection of linux applications is slightly smaller than normal.

The C201 does not support the Google Play store like some chromebooks do. This means that within ChromeOS you are limited to chrome extensions, and there are not many that I trust.

ChromeOS still gets updates, despite the device itself being from 2015. I suspect that the hardware does not get updated drivers, but I have no way of verifying that.

Some Google websites do not support multiple sign-ins, which meant that I had to create a second user on the device to access Blogger.

Blogger uses "authuser=0" only. As it turns out "authuser=0" in any Chrome window in ChromeOS is the currently logged in user. This made a lot of sense to me once I realized it.

I could not find any documents supporting it, but as it turns out the guide here and Kali image here works with the C201 the same as it does for the Asus Chromebook Flip.

Conclusion

I intend on using the ChromeOS as my daily driver from here on. The C201 is so much faster than my low-spec Surface 3 when it comes to web browsing that I cannot justify carrying the Surface. I will find alternatives to Office and OneNote for offline access. There are ways to access my OneDrive storage through the browser and keeping things synced might be a problem, but one I am willing to manage for all the benefits I get from the device.

About the Author

AwfulyPrideful is a networking and telecommunications student with a passion for infosec. They can be found on twitter talking about infosec, technology, games, and politics. They maintain a blog of their journey into infosec, explaining complex topics in layman's terms, sharing the lessons they learn, and providing commentary of tech culture. If you want to support them directly you can do so via paypal and patreon.

My Set-up

Here is a step-by-step guide as to how I set up my chromebook. These steps are by no means universal to every Chromebook, but for the most part the process should be similar. Many of the steps here are taken from this guide.

Hardware Requirements

Pair of Yubikey devices that are U2F capable.

Smartphone with an Authenticator. This is just to meet a requirement, not for actual use.

Remove your cell phone from the process. Having the Authenticator app is a requirement, but I have my backup Yubikey should I lose access to my primary one.

Click the bottom right where your account image is. Click the gear to bring up the settings.

Find the sync settings for your account. Turn off all syncing except for Application and Extensions. The guide above has a better explanation of what these sync settings do.

This is where I signed into my second account. Once you sign in with both users you can switch between user spaces by pressing "Ctrl+," or "Ctrl+."

Click your picture in the bottom right. Click Sign Out.

At the Log-in Screen, log in with your secondary account.

Set the same sync preferences for this account as your primary device.

Sign out, then log back into the primary account.

Click your picture in the bottom right, click your account name beside Sign Out. Select "Add Another User," then sign in with your second account. You will need to do this after every reboot.

We are going to ensure that random people cannot pick up your chromebook and sign in on their own accounts. We are also going to make sure that someone who picks up your devices cannot identify all possible accounts that they can sign into on the device.

From your management account open Settings. Under People, select "Manage Other People."

Disable guest browsing.

Disable "Show usernames and photos on the sign-in screen"

Enable "Restrict sign-in to the following users." Ensure that only the accounts you added are present.

Open Settings and navigate to "About Chrome OS" page and update. This will take a while and it will probably reboot, depending on how old the device is. Log back in.

If you intent on booting from USB drives you have to turn on that feature. Once you do, when the warning screen pops up during boot, press "Ctrl+U" to boot from USB, and "Ctrl+D" to boot normally. To enable booting from usb:

Press Ctrl+Alt+T to bring up a terminal.

Type "shell" and press Enter.

Type "sudo crossystem dev_boot_usb=1"

Type exit to get back to the "crosh>" prompt. Type exit.

Now we just have to install crouton to access all our Linux goodness. From your primary account:

In the crouton readme, there is a link to the application. Download it.

Download and install the Crouton Extension. Any graphical installation I have done with crouton has failed unless I had the extension installed and specified extension

Open a terminal (Ctrl+Alt+T) and move to shell (type shell, press enter).

Navigating Crouton

I had difficulties getting used to working with crouton. I am still figuring it out, but I will share my tips below. There is also a cheat-sheet for crouton here.

sudo startcli - Entered from a ChromeOS shell, this will get you into your chroot. From there you can use standard linux CLI tools to do everything your heart desires. You will have to install most of your tools using apt-get though. Type exit to unmount and leave the chroot.

sudo startxfce4 -n xenial - This enables the graphical environment. It eats up RAM while it's active, and your battery life will decrease. You can get to the graphical environment by pressing Ctrl+Alt+Shift+Forward or Ctrl+Alt+Shift+Back (Forward and Back being the arrows on the function line, not the arrow keys.)

You have to unmount the chroot before you shut down or the chroot could become corrupted since it is running separately from ChromeOS and doesn't respond to the shutdown process.

I have not figured out how to unmount from the graphical space. However, I have not tried since I mostly use the command line from a Chrome tab.

Comments

Post a Comment

Popular posts from this blog

I recently returned from a trip to Vegas to attend BlackHatUSA 2017 and DEF CON 25. While writing my travel blog I realized that I had a lot of stories, and a lot of travel advice. After working on it a little I decided it would be most useful to post the advice and stories separately. This post will contain all my advice for navigating your first DEF CON adventure. I will share stories in future posts. I am going to jump straight in because I have a lot to share here.
Packing Never check bags if you can avoid it. Prevents loss, theft, or mishandling. If you check bags, keep all your valuables on you.Pack light; leave room for treasure. If you plan on collecting lots of treasure then pack an ultralight duffel in your carry-on. They pack small, you can check it on the trip home.Personal item should be a cross-body bag or backpack. Put your electronics and valuables in it.Carry-on item should be a frameless soft-bodied item. It’ll hold toiletries and clothes; all your valuables are in y…

This is part two of my travel blog for going to BlackHatUSA and DEF CON. Part one covered travel and first-time-attender tips in point-form, and you can read it here. In this post I am going to speak about my experience at DEF CON and, without names, the people that I met there. The post will be broken up into topics rather than chronologically.

This has been difficult to sit down and write because of a lot of interpersonal drama that happened on Twitter and in the convention halls that I, frankly, don't want to discuss again. I wanted to talk about things that did not have to do with the drama.
First Impressions
After I arrived at the Ceasers on Thursday, I met up with some people and had to deal with that. I had been explaining who I was to everyone that I already knew online for a couple days at BlackHatUSA and had become increasingly comfortable with the process. Approaching people, though, never got easier, but I learned to introduce myself and follow with my twitter handle. …